{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T19:49:47Z","timestamp":1780084187677,"version":"3.54.0"},"reference-count":67,"publisher":"Oxford University Press (OUP)","issue":"1","license":[{"start":{"date-parts":[[2020,9,22]],"date-time":"2020-09-22T00:00:00Z","timestamp":1600732800000},"content-version":"vor","delay-in-days":265,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"the Bentley Data Innovation Network"},{"DOI":"10.13039\/100000001","name":"the U.S. National Science Foundation","doi-asserted-by":"crossref","award":["#CNS-1814439"],"award-info":[{"award-number":["#CNS-1814439"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,1,1]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Smartphone location sharing is a particularly sensitive type of information disclosure that has implications for users\u2019 digital privacy and security as well as their physical safety. To understand and predict location disclosure behavior, we developed an Android app that scraped metadata from users\u2019 phones, asked them to grant the location-sharing permission to the app, and administered a survey. We compared the effectiveness of using self-report measures commonly used in the social sciences, behavioral data collected from users\u2019 mobile phones, and a new type of measure that we developed, representing a hybrid of self-report and behavioral data to contextualize users\u2019 attitudes toward their past location-sharing behaviors. This new type of measure is based on a reflective learning paradigm where individuals reflect on past behavior to inform future behavior. Based on data from 380 Android smartphone users, we found that the best predictors of whether participants granted the location-sharing permission to our app were: behavioral intention to share information with apps, the \u201cFYI\u201d communication style, and one of our new hybrid measures asking users whether they were comfortable sharing location with apps currently installed on their smartphones. Our novel, hybrid construct of self-reflection on past behavior significantly improves predictive power and shows the importance of combining social science and computational science approaches for improving the prediction of users\u2019 privacy behaviors. Further, when assessing the construct validity of the Behavioral Intention construct drawn from previous location-sharing research, our data showed a clear distinction between two different types of Behavioral Intention: self-reported intention to use mobile apps versus the intention to share information with these apps. This finding suggests that users desire the ability to use mobile apps without being required to share sensitive information, such as their location. These results have important implications for cybersecurity research and system design to meet users\u2019 location-sharing privacy needs.<\/jats:p>","DOI":"10.1093\/cybsec\/tyaa014","type":"journal-article","created":{"date-parts":[[2020,9,22]],"date-time":"2020-09-22T15:19:41Z","timestamp":1600787981000},"source":"Crossref","is-referenced-by-count":12,"title":["Predicting smartphone location-sharing decisions through self-reflection on past privacy behavior"],"prefix":"10.1093","volume":"6","author":[{"given":"Pamela","family":"Wisniewski","sequence":"first","affiliation":[{"name":"College of Engineering and Computer Science, University of Central Florida, Orlando, FL 32816, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Muhammad Irtaza","family":"Safi","sequence":"additional","affiliation":[{"name":"College of Engineering and Computer Science, University of Central Florida, Orlando, FL 32816, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Sameer","family":"Patil","sequence":"additional","affiliation":[{"name":"Luddy School of Informatics, Computing, and Engineering, Indiana University, Bloomington, IN 47408, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xinru","family":"Page","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Brigham Young University, Waltham, Provo, UT 84602, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"286","published-online":{"date-parts":[[2020,9,22]]},"reference":[{"key":"2020092211143883800_tyaa014-B1","author":"Global social media research summary","year":"2019"},{"key":"2020092211143883800_tyaa014-B2","author":"App Monetization: Store, Ads to Deliver $189B by","year":"2020"},{"key":"2020092211143883800_tyaa014-B3","author":"Olmstead","year":"2015"},{"key":"2020092211143883800_tyaa014-B4","first-page":"1427","author":"Wisniewski","year":"2015"},{"key":"2020092211143883800_tyaa014-B5","doi-asserted-by":"crossref","first-page":"1038","DOI":"10.1016\/j.tele.2017.04.013","article-title":"The privacy paradox: investigating discrepancies between expressed privacy concerns and actual online behavior \u2013 a systematic literature review","volume":"34","author":"Barth","year":"2017","journal-title":"Telematics and Informatics"},{"key":"2020092211143883800_tyaa014-B6","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1111\/j.1745-6606.2006.00070.x","article-title":"The privacy paradox: personal information disclosure intentions versus behaviors","volume":"41","author":"Norberg","year":"2007","journal-title":"Journal of Consumer Affairs"},{"key":"2020092211143883800_tyaa014-B7","author":"Marathe","year":"2007"},{"key":"2020092211143883800_tyaa014-B8","first-page":"153","author":"Page","year":"2013"},{"key":"2020092211143883800_tyaa014-B9","doi-asserted-by":"crossref","first-page":"298","DOI":"10.1111\/j.1468-2958.2010.01377.x","article-title":"Personalization versus customization: the importance of agency, privacy, and power usage","volume":"36","author":"Sundar","year":"2010","journal-title":"Human Communication Research"},{"key":"2020092211143883800_tyaa014-B10","author":"Xu","year":"2012"},{"key":"2020092211143883800_tyaa014-B11","first-page":"787","author":"Almuhimedi","year":"2015"},{"key":"2020092211143883800_tyaa014-B12","first-page":"1666","author":"Amos","year":"2013"},{"key":"2020092211143883800_tyaa014-B13","first-page":"682","author":"Li","year":"2016"},{"key":"2020092211143883800_tyaa014-B14","doi-asserted-by":"crossref","first-page":"235","DOI":"10.17705\/1CAIS.03810","article-title":"Framing and measuring multi-dimensional interpersonal privacy preferences of social networking site users","volume":"38","author":"Wisniewski","year":"2016","journal-title":"Communications of the Association for Information Systems"},{"key":"2020092211143883800_tyaa014-B15","first-page":"793","author":"Xu","year":"2004"},{"key":"2020092211143883800_tyaa014-B16","first-page":"1","author":"Xu","year":"2008"},{"key":"2020092211143883800_tyaa014-B17","doi-asserted-by":"crossref","first-page":"167","DOI":"10.2307\/249477","article-title":"Information privacy: measuring individuals\u2019 concerns about organizational practices","volume":"20","author":"Smith","year":"1996","journal-title":"MIS Quarterly"},{"key":"2020092211143883800_tyaa014-B18","author":"Google Inc. Permissions Overview"},{"key":"2020092211143883800_tyaa014-B19","doi-asserted-by":"crossref","first-page":"1133","DOI":"10.1016\/j.ijhcs.2013.09.002","article-title":"Guide to measuring privacy concern: review of survey and observational instruments","volume":"71","author":"Preibusch","year":"2013","journal-title":"International Journal of Human-Computer Studies"},{"key":"2020092211143883800_tyaa014-B20","doi-asserted-by":"crossref","first-page":"179","DOI":"10.1016\/0749-5978(91)90020-T","article-title":"The theory of planned behavior","volume":"50","author":"Ajzen","year":"1991","journal-title":"Organizational Behavior and Human Decision Processes"},{"key":"2020092211143883800_tyaa014-B21","doi-asserted-by":"crossref","first-page":"336","DOI":"10.1287\/isre.1040.0032","article-title":"Internet users\u2019 information privacy concerns (IUIPC): the construct, the scale, and a causal model","volume":"15","author":"Malhotra","year":"2004","journal-title":"Information Systems Research"},{"key":"2020092211143883800_tyaa014-B22","doi-asserted-by":"crossref","first-page":"157","DOI":"10.1002\/asi.20459","article-title":"Development of measures of online privacy concern and protection for use on the Internet","volume":"58","author":"Buchanan","year":"2007","journal-title":"Journal of the American Society for Information Science and Technology"},{"key":"2020092211143883800_tyaa014-B23","first-page":"3149","author":"Keith","year":"2014"},{"key":"2020092211143883800_tyaa014-B24","doi-asserted-by":"crossref","first-page":"305","DOI":"10.1016\/j.elerap.2014.06.007","article-title":"Disclosing too much? Situational factors affecting information disclosure in social commerce environment","volume":"13","author":"Sharma","year":"2014","journal-title":"Electronic Commerce Research and Applications"},{"key":"2020092211143883800_tyaa014-B25","first-page":"1131","author":"Guha","year":"2015"},{"key":"2020092211143883800_tyaa014-B26","first-page":"266","author":"Page","year":"2012"},{"key":"2020092211143883800_tyaa014-B27","first-page":"709","author":"Barkhuus","year":"2003"},{"key":"2020092211143883800_tyaa014-B28","first-page":"201","author":"Liu","year":"2014"},{"key":"2020092211143883800_tyaa014-B29","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3132029","article-title":"Does this app really need my location?: Context-aware privacy management for smartphones","volume":"1","author":"Chitkara","year":"2017","journal-title":"Proceedings of the ACM on Interactive Mobile, Wearable and Ubiquitous Technologies"},{"key":"2020092211143883800_tyaa014-B30","author":"Srivastava","year":"2017"},{"key":"2020092211143883800_tyaa014-B31","doi-asserted-by":"crossref","DOI":"10.14722\/usec.2014.23044","article-title":"A field study of run-time location access disclosures on android smartphones","volume":"14","author":"Fu","year":"2014","journal-title":"Proceedings of the Workshop on Usable Security"},{"key":"2020092211143883800_tyaa014-B32","first-page":"27","author":"Liu","year":"2016"},{"key":"2020092211143883800_tyaa014-B33","first-page":"pp. 239","author":"Fawaz","year":"2014"},{"key":"2020092211143883800_tyaa014-B34","first-page":"268:1","author":"Wijesekera","year":"2018"},{"key":"2020092211143883800_tyaa014-B35","first-page":"1058","author":"Olejnik","year":"2017"},{"key":"2020092211143883800_tyaa014-B36","doi-asserted-by":"crossref","first-page":"1869","DOI":"10.1109\/TIFS.2014.2353996","article-title":"Exploring permission-induced risk in Android applications for malicious application detection","volume":"9","author":"Wang","year":"2014","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"2020092211143883800_tyaa014-B37","doi-asserted-by":"crossref","first-page":"122","DOI":"10.1016\/j.future.2013.09.014","article-title":"Mining permission patterns for contrasting clean and malicious android applications","volume":"36","author":"Moonsamy","year":"2014","journal-title":"Future Generation Computer Systems"},{"key":"2020092211143883800_tyaa014-B38","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1007\/978-3-319-07076-6_2","volume-title":"Risk Assessment and Risk-Driven Testing","author":"Mylonas","year":"2014"},{"key":"2020092211143883800_tyaa014-B39","author":"Jeon","year":"2011"},{"key":"2020092211143883800_tyaa014-B40","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1016\/j.ijhcs.2016.09.006","article-title":"Making privacy personal: profiling social network users to inform privacy education and nudging","volume":"98","author":"Wisniewski","year":"2017","journal-title":"International Journal of Human-Computer Studies"},{"key":"2020092211143883800_tyaa014-B41","first-page":"501","author":"Lin","year":"2012"},{"key":"2020092211143883800_tyaa014-B42","first-page":"199","author":"Lin","year":"2014"},{"key":"2020092211143883800_tyaa014-B43","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1007\/978-3-319-39931-7_6","volume-title":"Social, Cultural, and Behavioral Modeling","author":"Ghosh","year":"2016"},{"key":"2020092211143883800_tyaa014-B44","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2636242.2636244","article-title":"Predicting user traits from a snapshot of apps installed on a smartphone","volume":"18","author":"Seneviratne","year":"2014","journal-title":"SIGMOBILE Mobile Computing and Communication Reviews"},{"key":"2020092211143883800_tyaa014-B45","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1145\/2721896.2721908","article-title":"Your installed apps reveal your gender and more!","volume":"18","author":"Seneviratne","year":"2015","journal-title":"SIGMOBILE Mobile Computing and Communication Reviews"},{"key":"2020092211143883800_tyaa014-B46","author":"Malmi","year":"2016"},{"key":"2020092211143883800_tyaa014-B47","doi-asserted-by":"crossref","first-page":"281","DOI":"10.1037\/h0040957","article-title":"Construct validity in psychological tests","volume":"52","author":"Cronbach","year":"1955","journal-title":"Psychological Bulletin"},{"key":"2020092211143883800_tyaa014-B48","doi-asserted-by":"crossref","first-page":"134","DOI":"10.1108\/13527590210442258","article-title":"Using reflective learning journals to improve individual and team performance","volume":"8","author":"Loo","year":"2002","journal-title":"Team Performance Management: An International Journal"},{"key":"2020092211143883800_tyaa014-B49","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1177\/0022167883232011","article-title":"Reflective learning: key to learning from experience","volume":"23","author":"Boyd","year":"1983","journal-title":"Journal of Humanistic Psychology"},{"key":"2020092211143883800_tyaa014-B50","doi-asserted-by":"crossref","first-page":"527","DOI":"10.1007\/s00779-008-0200-9","article-title":"Designing for privacy and self-presentation in social awareness","volume":"12","author":"Raento","year":"2008","journal-title":"Personal and Ubiquitous Computing"},{"key":"2020092211143883800_tyaa014-B51","first-page":"81","author":"Consolvo","year":"2005"},{"key":"2020092211143883800_tyaa014-B52","doi-asserted-by":"crossref","first-page":"213","DOI":"10.1007\/11551201_13","volume-title":"UbiComp 2005: Ubiquitous Computing","author":"Iachello","year":"2005"},{"key":"2020092211143883800_tyaa014-B53","doi-asserted-by":"crossref","first-page":"354","DOI":"10.1007\/978-3-540-74853-3_21","volume-title":"UbiComp 2007: Ubiquitous Computing","author":"Brown","year":"2007"},{"key":"2020092211143883800_tyaa014-B54","first-page":"807","author":"Shih","year":"2015"},{"key":"2020092211143883800_tyaa014-B55","first-page":"197","author":"Wiese","year":"2011"},{"key":"2020092211143883800_tyaa014-B56","first-page":"65","author":"Boesen","year":"2010"},{"key":"2020092211143883800_tyaa014-B57","doi-asserted-by":"crossref","first-page":"665","DOI":"10.1080\/01463373.2012.725004","article-title":"Communication privacy management theory: exploring coordination and ownership between friends","volume":"60","author":"Kennedy-Lightsey","year":"2012","journal-title":"Communication Quarterly"},{"key":"2020092211143883800_tyaa014-B58","doi-asserted-by":"crossref","first-page":"477","DOI":"10.2307\/40041279","article-title":"A taxonomy of privacy","volume":"154","author":"Solove","year":"2006","journal-title":"University of Pennsylvania Law Review"},{"key":"2020092211143883800_tyaa014-B59","doi-asserted-by":"crossref","first-page":"179","DOI":"10.1089\/cyber.2015.0340","article-title":"Do smartphone power users protect mobile privacy better than nonpower users? Exploring power usage as a factor in mobile privacy protection and disclosure","volume":"19","author":"Kang","year":"2016","journal-title":"Cyberpsychology, Behavior, and Social Networking"},{"key":"2020092211143883800_tyaa014-B60","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1177\/1094428114555994","article-title":"Cronbach\u2019s coefficient alpha: well known but poorly understood","volume":"18","author":"Cho","year":"2015","journal-title":"Organizational Research Methods"},{"key":"2020092211143883800_tyaa014-B61"},{"key":"2020092211143883800_tyaa014-B62","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4419-1742-3","volume-title":"Logistic Regression: A Self-Learning Text","author":"Kleinbaum","year":"2010","edition":"3rd edn."},{"key":"2020092211143883800_tyaa014-B63","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2019.23014"},{"key":"2020092211143883800_tyaa014-B64","doi-asserted-by":"crossref","first-page":"273","DOI":"10.1111\/j.1540-5915.2008.00192.x","article-title":"Technology acceptance model 3 and a research agenda on interventions","volume":"39","author":"Venkatesh","year":"2008","journal-title":"Decision Sciences"},{"key":"2020092211143883800_tyaa014-B65","doi-asserted-by":"crossref","first-page":"425","DOI":"10.2307\/30036540","article-title":"User acceptance of information technology: toward a unified view","volume":"27","author":"Venkatesh","year":"2003","journal-title":"MIS Quarterly"},{"key":"2020092211143883800_tyaa014-B66","first-page":"37","author":"Kang","year":"2014"},{"key":"2020092211143883800_tyaa014-B67","first-page":"117","author":"Busse","year":"2019"}],"container-title":["Journal of Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/academic.oup.com\/cybersecurity\/article-pdf\/6\/1\/tyaa014\/33780300\/tyaa014.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"http:\/\/academic.oup.com\/cybersecurity\/article-pdf\/6\/1\/tyaa014\/33780300\/tyaa014.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,14]],"date-time":"2024-08-14T14:45:43Z","timestamp":1723646743000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article\/doi\/10.1093\/cybsec\/tyaa014\/5910009"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,1,1]]},"references-count":67,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2020,1,1]]}},"URL":"https:\/\/doi.org\/10.1093\/cybsec\/tyaa014","relation":{},"ISSN":["2057-2085","2057-2093"],"issn-type":[{"value":"2057-2085","type":"print"},{"value":"2057-2093","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2020]]},"published":{"date-parts":[[2020,1,1]]},"article-number":"tyaa014"}}